Monthly Archives: April 2017

The next (May) HackFormers meeting will be held on May 5th, 2017 at the BSides Austin 2017 event/location. It is free and open to all HackFormers and BSides attendees.

PLEASE READ THIS ENTIRE POST BEFORE REGISTERING.

— SPECIAL NOTE —

In order to attend the HackFormers event, you must have a printed parking permit to enter and park in the JJ Pickle campus. NOTE: You do not need to register in the BSides Austin site as was originally communicated. Please print your PARKING PERMIT here

Abstract: In the Teach Security part of this talk, John will give a technical breakdown of a recently discovered vulnerability in the USBPcap driver (CVE-2017-6178) and show how it can be leveraged to elevate privileges from within the Windows kernel. Details about this hands-on training are given below. In the Teach Christ and Security in Christ part of this talk, John will share on “Evolving Purpose, The (ongoing) Journey of a Hungry Hacker”.

Speaker Bio:

John deGruyter started his professional career in the 90s humping a pack and carrying an M-16 in the United States Marine Corps. Now, he enjoys taking things apart and studying how they work on a low level. His hunger for learning soon developed into a passion for teaching. He is a regular speaker at local security meetups and has written course material and taught as an adjunct professor for The George Washington University.

Training (Workshop) details:

The Windows kernel has typically been considered to have a steep learning curve and to be not for the faint of heart. However, many vulnerabilities have surfaced from within the depths of the kernel, proving it to be a lucrative target for attackers. Security researchers who want to move beyond the classroom need to have a solid understanding of what goes on under the hood and behind the scenes. This course is geared toward providing a deeper understanding of how user applications interact with kernel device drivers and the related security implications. We will roll up our sleeves in some hands-on exercises as we break down the different software components.

This training will cover:

An overview of the Windows kernel

Virtual memory

Privilege levels

Object manager

Interacting with drivers and devices

Analyzing crash dumps and live debugging with WinDbg

Required Materials: Students will be required to bring a laptop running VMware Workstation or VMware Fusion. (The 30-day trial is fine.)
The following virtual machine will be required: